Auth: hydra deployment + basic integration with kratos/auth-ui flow
diff --git a/core/auth/hydra/hydra.yaml b/core/auth/hydra/hydra.yaml
new file mode 100644
index 0000000..a650e39
--- /dev/null
+++ b/core/auth/hydra/hydra.yaml
@@ -0,0 +1,56 @@
+version: v1.10.6
+
+dsn: postgres://postgres:psswd@postgres:5432/hydra?sslmode=disable&max_conns=20&max_idle_conns=4
+
+serve:
+ cookies:
+ same_site_mode: None
+ public:
+ cors:
+ enabled: true
+ debug: true
+ allow_credentials: true
+ allowed_origins:
+ - https://lekva.me
+ - https://*.lekva.me
+ admin:
+ # host: localhost
+ cors:
+ allowed_origins:
+ - https://hydra.pcloud
+ tls:
+ allow_termination_from:
+ - 0.0.0.0/0
+ - 10.42.0.0/16
+ - 10.43.0.0/16
+ - 111.0.0.1/32
+ tls:
+ allow_termination_from:
+ - 0.0.0.0/0
+ - 10.42.0.0/16
+ - 10.43.0.0/16
+ - 111.0.0.1/32
+
+urls:
+ self:
+ public: https://hydra.lekva.me
+ issuer: https://hydra.lekva.me
+ consent: https://accounts-ui.lekva.me/consent
+ login: https://accounts-ui.lekva.me/login
+ logout: https://accounts-ui.lekva.me/logout
+
+secrets:
+ system:
+ - youReallyNeedToChangeThis
+
+oidc:
+ subject_identifiers:
+ supported_types:
+ - pairwise
+ - public
+ pairwise:
+ salt: youReallyNeedToChangeThis
+
+log:
+ level: trace
+ leak_sensitive_values: true